[Apiman-user] Question: How to stop path segments & query parameters from going on to the back-end API endpoint?

Wed Jun 1 00:29:25 EDT 2016

Thanks much Eric, helps a lot indeed. 

Thanks,
Manav

-----Original Message-----
From: Eric Wittmann [mailto:eric.wittmann at redhat.com] 
Sent: 31 May 2016 22:59
To: Nidhish Agrawal; apiman-user at lists.jboss.org
Cc: Manvendra Rai
Subject: Re: [Apiman-user] Question: How to stop path segments & query parameters from going on to the back-end API endpoint?

The URL field holds the absolute URL sent by the client.  The 'destination' field is just the extra path segments beyond the managed endpoint.  So for example:

https://localhost:8443/apiman-gateway/MyOrg/MyApi/1.7/path/to/dest

In this case, the 'url' field will hold the entire value from above, while the 'destination' will hold just this:

/path/to/dest

The full URL exists only for auditing and reference purposes, while 'destination' is used downstream from the policies when proxying to the back end API.

-Eric

On 5/31/2016 1:24 PM, Nidhish.Agrawal at ril.com wrote:
> Hi Eric,
>
> Thanks for the very quick response, I am working on the policies part 
> with manav
>
> I am manipulating with 
> request.setUrl(request.getUrl().subString(0,15)) , but it not stoping the path param to pass with endpoint.
>
> Can you please give difference between destination & url.
>
> Regards
> Nidhish Agrawal
>
> Direct      : +91-22-4475 0085
> Mobile    : +91-8828002901
> E- mail    : nidhish <nidhish.agrawal at ril.com>
>
>
>
>
> On 5/31/16, 8:40 PM, "Eric Wittmann" <eric.wittmann at redhat.com> wrote:
>
>> Hi Manav,
>>
>> This would require a custom policy to be implemented (this is pretty 
>> easy if you have access to a java developer!).  Unfortunately we 
>> don't have any policies out of the box that will let you manipulate the path.
>>
>> But here is how you could do it in a custom plugin:
>>
>>   
>> https://gist.github.com/EricWittmann/aa0073b47f1f4d159c6a75e60ab22faf
>>
>> This is just pseudo-code, mind you.  But basically you can manipulate 
>> the path, headers, and query params in whatever way you wish.
>>
>> -Eric
>>
>> On 5/31/2016 8:01 AM, Manvendra.Rai at ril.com wrote:
>>> Hello All,
>>>
>>> I left this question on freenode  IRC and though to post the same 
>>> on the email group.
>>>
>>>
>>>
>>> *Question*: We are using API Gateway for couple of things and one of 
>>> the main functionalities we are leveraging is - Managed API.
>>>
>>>
>>>
>>> Our requirement is to create a Plugin which will invoke backend API 
>>> after fetching _fielded from the database_ based on the object id 
>>> from the Manage URL.
>>>
>>>
>>>
>>> Say for example -
>>>
>>>
>>>
>>> My manage API is -
>>>
>>>
>>>
>>> http://abc.com/apiman-gateway/testapp/manav/3.0/images/{objectid}
>>> <http://abc.com/apiman-gateway/testapp/manav/3.0/images/%7bobjectid%
>>> 7d>
>>>
>>>
>>>
>>>
>>>
>>> My Backend API
>>>
>>>
>>>
>>> http://abc.com/apiman-gateway/testapp/manav/3.0/download/images/{fil
>>> eid}
>>>
>>> <http://abc.com/apiman-gateway/testapp/manav/3.0/download/images/%7b
>>> filei
>>> d%7d>
>>>
>>>
>>>
>>> We have implemented almost all this requirement but have one issue. 
>>> As per the default behaviour, API Gateway proxies all path segments 
>>> beyond the {version} segment with query parameters back-end API.
>>>
>>> This is causing an issue because [objected] is also being sent to 
>>> Backend API.
>>>
>>>
>>>
>>> So my question is to know  how can we stop {objected} from going to 
>>> Backend API?
>>>
>>>
>>>
>>> Thanks for your time looking at the issue and advising back.
>>>
>>>
>>>
>>> Thanks,
>>>
>>> Manav
>>>
>>>
>>>
>>>
>>> "*Confidentiality Warning*: This message and any attachments are 
>>> intended only for the use of the intended recipient(s), are 
>>> confidential and may be privileged. If you are not the intended 
>>> recipient, you are hereby notified that any review, re-transmission, 
>>> conversion to hard copy, copying, circulation or other use of this 
>>> message and any attachments is strictly prohibited. If you are not 
>>> the intended recipient, please notify the sender immediately by 
>>> return email and delete this message and any attachments from your system.
>>>
>>> *Virus Warning:* Although the company has taken reasonable 
>>> precautions to ensure no viruses are present in this email. The 
>>> company cannot accept responsibility for any loss or damage arising 
>>> from the use of this email or attachment."
>>>
>>>
>>>
>>> _______________________________________________
>>> Apiman-user mailing list
>>> Apiman-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/apiman-user
>>>
>
> "Confidentiality Warning: This message and any attachments are intended only for the use of the intended recipient(s).
> are confidential and may be privileged. If you are not the intended 
> recipient. you are hereby notified that any review. re-transmission. 
> conversion to hard copy. copying. circulation or other use of this message and any attachments is strictly prohibited. If you are not the intended recipient. please notify the sender immediately by return email.
> and delete this message and any attachments from your system.
>
> Virus Warning: Although the company has taken reasonable precautions to ensure no viruses are present in this email.
> The company cannot accept responsibility for any loss or damage arising from the use of this email or attachment."
>
"Confidentiality Warning: This message and any attachments are intended only for the use of the intended recipient(s). 
are confidential and may be privileged. If you are not the intended recipient. you are hereby notified that any 
review. re-transmission. conversion to hard copy. copying. circulation or other use of this message and any attachments is 
strictly prohibited. If you are not the intended recipient. please notify the sender immediately by return email. 
and delete this message and any attachments from your system.

Virus Warning: Although the company has taken reasonable precautions to ensure no viruses are present in this email. 
The company cannot accept responsibility for any loss or damage arising from the use of this email or attachment."